Sign in
 
HomeSecurity BulletinsToolsLearnLibrarySupport
Security TechCenter >
Manually add PC certificate for RMS

Answered Manually add PC certificate for RMS

  • Wednesday, July 18, 2012 4:09 PM
     
     
    Sign In to Vote
    0

    Good Afternoon,

    We have some users who were migrated from DomainA to DomainB.  After this, the users (and PCs) from DomainB are not able to open an email sent with RMS from DomainA.  There is a 2 way trust between the domains, and we have situations where if the PC and user account were migrated from DomainA to DomainB and already had a certificate file (in %userprofile%\appdata\microsoft\drm), then it works.

    What we need to know is if there's a way to manually import the cetificate on to the PC in order for the PCs/users on DomainB to open the emails sent from DomainA.

    I really hope someone can help with this!

    Thanks!!

     

All Replies

  • Friday, July 27, 2012 5:32 AM
     
     Answered
    Sign In to Vote
    0

    Hi tmhart,

    to use RMS across forest limits you need to configure:

    - Create a trusted user domain between the AD RMS installations
    - Enable anonymous access on the AD RMS licensing pipeline
    - Extend the Active Directory schema
    - Create contact objects and distribution groups

    These steps are described in detail in this article: 

    http://download.microsoft.com/download/b/1/0/b106fc39-936c-4857-a6ea-3fb9d1f37063/Deploying%20Active%20Directory%20Rights%20Management%20Services%20in%20a%20Multiple%20Forest%20Environment%20Step-by-Step%20Guide.doc

    Hope that will help,

    Lutz